Log in

Network

To get the most from our network, tell us a little about your interests. Job and news alerts can be sent according to your interest and other users will be able to see your selection. You can skip this section and sign up in your account at a later date.

International operation takes down DDOS website with over 135,000 users

A website linked to more than four million Distributed Denial of Service (DDOS) attacks across the world has been shut down following an investigation led by the National Crime Agency (NCA) and the Dutch National Police.

Apr 26, 2018

By Joe Shine

On Tuesday (April 24), authorities in the Netherlands, Serbia, Croatia, Canada and Scotland arrested six administrators of ‘webstresser.org’ – a website that could be rented for as little as $14.99 to launch millions of DDOS attacks.

In a DDOS attack, the attacker remotely controls devices to direct large amounts of traffic at a website or an online platform, causing it to crash.

Webstresser was considered the world’s biggest marketplace to hire orchestrated cyber attacks, with four million being measured by April 2016, targeting online services offered by banks, government institutions and police forces.

The website, which had more than 136,000 registered users, was seized and taken down on Wednesday (April 25). Europol said “further measures” were taken against the “top users”.

As part of the operational activity, an address was identified and searched in Bradford, West Yorkshire, and several items were seized.

NCA officers believe an individual linked to the address used webstresser to target seven of the UK’s largest banks in November 2017, incurring costs in the hundreds of thousands of pounds to get services back online.

Senior Investigating Officer at the NCA Jo Goodall called for businesses to report cyber crime as early as possible to help law enforcement assess new methodologies while offenders’ tactics continue to evolve rapidly.

She added: “A significant criminal website has been shut down and the sophisticated crime group behind it stopped as a result of an international investigation involving law enforcement agencies from eleven countries.

“Cybercrime, by default, is a threat that crosses borders and our response must be one that utilises the close international law enforcement collaboration that is crucial to tackling this threat. The arrests made over the past two days show that the internet does not provide bullet-proof anonymity to offenders and we expect to identify further suspects linked to the site in the coming weeks and months as we examine the evidence we have gathered.

“Cyber offenders can act against UK targets from anywhere in the world and this means UK-based offenders can also attack targets in any country. Our success depends on law enforcement, government and industry working together to fight cybercrime.

“Over the last year we have seen how cyber attacks have real-world consequences; resulting in actual physical harm as well as causing reputational and financial damage to businesses of all sizes. The cyber threat is constantly evolving and we are improving our tactics and capabilities in response.”

Steven Wilson, head of Europol’s European Cybercrime Centre, said: “We have a trend where the sophistication of certain professional hackers to provide resources is allowing individuals – and not just experienced ones – to conduct DDOS attacks and other kind of malicious activities online.

“It’s a growing problem, and one we take very seriously. Criminals are very good at collaborating, victimising millions of users in a moment form anywhere in the world. We need to collaborate as good as them with our international partners to turn the table on these criminals and shut down their malicious cyberattacks.”

Gert Ras, head of the National High Tech Crime Unit at the Dutch National Police added: “By taking down world’s largest illegal DDOS seller in a worldwide joint law enforcement operation based on NCA intelligence, we have made an unprecedented impact on DDOS cybercrime. Not only were the administrators of this illegal service arrested, but also users will now face prosecution and civil liability for caused damage.

“This is a warning to all wannabee DDOS-ers – do not DDOS because through close law enforcement collaboration, we will identify you, bring you to court and facilitate that you will be held liable by the victims for the huge damage you cause”.